Economic Woes Unlikely to Slow Acquisitions Among IT Security Companies

From Symantec to McAfee, IT security companies are still spending money on acquisitions in the face of trouble in the U.S. economy. Symantec's move to buy MessageLabs is just one of several acquisition moves by major security vendors in the past few months, including plays by McAfee and Sophos.

Even in a time of economic woes, IT security companies have shown themselves
to be unafraid of making acquisitions.
The latest example came Oct. 8 from Symantec, which is putting up $695
million to buy security SAAS (software as a service) vendor MessageLabs.
Symantec officials said the deal would bring upselling and cross-selling
opportunities and enable the company to build out its own SAAS business.

In August, Symantec announced it will acquire PC Tools for an undisclosed
sum. But Symantec is not the only company that has been on a bit of a spending spree.
One of its chief security rivals, McAfee, agreed to acquire
Secure Computing for $465 million last month. McAfee also closed on its $46
million purchase of Reconnex in August. Then there's Sophos, which just bought
Utimaco Safeware.

But can such consolidation in the security market continue? Yes, some
analysts said, and the ongoing challenge of securing enterprises is the reason
why.
"If you look at the things that are going on in the market today, there's
some things that businesses can't afford to go too light on given the exposure
that they have," said Scott Crawford, an analyst with Enterprise Management
Associates. "Businesses are already taking a pretty solid hit in terms of
mismanaged business risk. They can ill-afford additional exposure to security
and related IT risks."
A survey by Forrester Research bears that out. According to the analyst
firm, most IT security decision makers expect their security
budgets to either increase or stay the same in the coming year.

A weak market offers an opportunity for strong companies to snap up smaller
vendors, noted Mike Haro, senior security analyst at Sophos, who added that Sophos
is bullish about building the company's reach through future acquisitions.
Greg Hughes, Symantec's chief strategy officer, offered a similar sentiment.
IT security and compliance remain robust markets even in the current market
climate, he noted. There is long-term pressure, he added, to provide customers
with simpler, comprehensive offerings from a single vendor-which means
consolidation in the security space will continue.
"Acquisitions are a key part of our growth strategy," he said. "We look for
companies that we think are extremely well-run and that fit our portfolio real
well ... and that will help underpin our long-term growth objectives. So we will
continue to be acquisitive."

Still, the turmoil in the mortgage and credit markets threatens to dry up a
source of funding for wheeling and dealing by security companies, opined Paul
Roberts, an analyst with The 451 Group. While there may be some tough quarters
ahead in terms of IT spending, vendors know fundamentally, enterprises need
security, he said.
"Companies are not going to abandon their use of technology, e-mail or the
Internet," he said. "In a year, we're not all going to be crouched in bunkers-Terminator
style- staring at the embers from our campfires and the piles of detritus from
our former lives.
"We're going to be coming to work, switching on our computers and
working. To that end, we're still going to need the technology and services
that these companies are selling," Roberts said.